<?php
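  // Admin page for forum categories: lists them, changes their sort order,
  // edits one category and deletes a category with its topics and posts.
  //
  // $db, $table_prefix, the session and the output buffer read at the bottom
  // are not created in this file; presumably header.php / functions.php set
  // them up -- confirm against those includes.
  //
  // NOTE(review): re-sorting and deleting are state-changing actions reached
  // through plain GET links, and the edit form carries no anti-CSRF token.
  // Moving these to POST with a per-session token touches code outside this
  // file and is not done here.
  //
  // NOTE(review): the mysql_* functions used below were removed in PHP 7; a
  // move to mysqli/PDO prepared statements depends on what $db wraps.
  include("header.php");
  include("functions.php");
  $pageTitle = "Forums";
  if (!isset($_SESSION['user_level']) || $_SESSION['user_level'] != 1) {
      header("location: redirect.php");
  } else {
      $is_post = ($_SERVER['REQUEST_METHOD'] == 'POST');
      $has_edit = isset($_GET['forum_edit']);
      $has_delete = isset($_GET['forum_delete']);

      // Ids from the query string are validated as integers once, here.
      // Escaping alone does not protect an unquoted numeric position in SQL,
      // and the delete id is also used to build a file name further down.
      // filter_var() yields false for anything that is not a plain integer,
      // including array-valued parameters.
      $edit_id = $has_edit ? filter_var($_GET['forum_edit'], FILTER_VALIDATE_INT) : false;
      $delete_id = $has_delete ? filter_var($_GET['forum_delete'], FILTER_VALIDATE_INT) : false;

      if (!$is_post && !$has_edit && !$has_delete) {
          // Move a single category to a new sort position.
          if (isset($_GET['sort'], $_GET['f']) && $_GET['f'] != "" && $_GET['sort'] !== "default") {
              $new_sort = filter_var($_GET['sort'], FILTER_VALIDATE_INT);
              $sort_cat = filter_var($_GET['f'], FILTER_VALIDATE_INT);
              if ($new_sort !== false && $sort_cat !== false) {
                  $forum_sort = $db->query("UPDATE " . $table_prefix . "categories SET cat_sort = " . $new_sort . " WHERE cat_id = " . $sort_cat . " LIMIT 1");
                  if ($forum_sort) {
                      print "Forum sorting successfully updated!";
                  }
              }
          }

          // Reset the sort order of every category to its id. The statement
          // is table-wide, so it is issued once instead of once per row that
          // is out of order.
          if (isset($_GET['sort']) && $_GET['sort'] === "default") {
              $sort_default = $db->query("UPDATE " . $table_prefix . "categories SET cat_sort = cat_id");
              echo "Categories successfully updated!";
          }

          echo " <script>
function confirmDelete(delUrl) {
if (confirm('Are you sure you want to delete this forum? (You will not be asked again!)')) {
document.location = delUrl;
  }
}
</script>";
          $result = $db->query("SELECT * FROM " . $table_prefix . "categories WHERE cat_parent = 0 ORDER BY cat_sort,cat_id ASC");
          echo "<table border=1><tr><th></th><th>&nbsp;<b><a href='create_forum.php'><img align='absmiddle' border='0' src='./style/default/add.gif'> Add Forum</a></b> | <a href='forums.php?sort=default'>Default sort</a></th><th></th><th>&nbsp;Sort (not working yet)</th></tr>";
          while ($row = mysql_fetch_assoc($result)) {
              // Database values are cast or HTML-escaped before they reach
              // SQL or markup; ENT_QUOTES because attributes use single quotes.
              $cat_id = (int) $row['cat_id'];
              $cat_name = htmlspecialchars($row['cat_name'], ENT_QUOTES);
              $forum_cat = $db->query("SELECT * FROM " . $table_prefix . "categories WHERE cat_parent = " . $cat_id . " ORDER BY cat_sort,cat_id ASC");
              $sortup = (int) $row['cat_sort'] - 1;
              $sortdown = (int) $row['cat_sort'] + 1;
              echo "<tr><td></td>
<td height='30px'><div align='center'><b><a href='forums.php?forum_edit=$cat_id'>$cat_name</a></b></div></td>
<td><a name='edit_forum' title='Click to edit' href='forums.php?forum_edit=$cat_id'><img align='absmiddle' border=0 src='./style/default/edit.gif'></a>
<a title='Delete forum. All posts and topics will be deleted!' href='javascript:confirmDelete(\"forums.php?forum_delete=$cat_id\")'><img align='absmiddle' border=0 src='./style/default/delete.gif'></a>
</td><td> <a href='forums.php?sort=$sortup&f=$cat_id'><img title='Move up' src='./style/default/arrow_up.png' border=0 align='absmiddle'></a> | <a href='forums.php?sort=$sortdown&f=$cat_id'><img title='Move down' src='./style/default/arrow_down.png' border=0 align='absmiddle'></a></td></tr>";
              while ($row2 = mysql_fetch_assoc($forum_cat)) {
                  $child_id = (int) $row2['cat_id'];
                  // One aggregate query returns the topic count and the reply
                  // total; the topic rows themselves are not needed here.
                  $stats = $db->query("SELECT COUNT(*) AS topic_count, SUM(reply) AS reply_sum FROM " . $table_prefix . "topics WHERE topic_cat = " . $child_id);
                  $stat_row = mysql_fetch_assoc($stats);
                  $topics = "<p class='alignright'> Topics: <b>" . (int) $stat_row['topic_count'] . "</b>";
                  // SUM() is NULL when the forum has no topics; show 0 then.
                  $num_replies = $stat_row['reply_sum'];
                  if ($num_replies <= 0) {
                      $num_replies = "0";
                  }
                  $posts = " / Posts: <b>" . $num_replies . "</b> &nbsp;&nbsp;</p>";

                  $child_name = htmlspecialchars($row2['cat_name'], ENT_QUOTES);
                  $forum = "<font color='blue'> " . $child_name . "</font>";
                  // Escaped like the name; if descriptions are meant to carry
                  // markup, this admin list shows the tags literally.
                  $desc = htmlspecialchars($row2['cat_description'], ENT_QUOTES);
                  $icon = "<img src='../style/default/img/" . htmlspecialchars($row2['cat_icon'], ENT_QUOTES) . "'>";
                  if ($row2['cat_parent'] <= 0) {
                      $forum = "<div align='center'><b>" . $child_name . "</b></div>";
                      $desc = "";
                      $icon = "";
                      $topics = "";
                      $posts = "";
                  }
                  $sortup = (int) $row2['cat_sort'] - 1;
                  $sortdown = (int) $row2['cat_sort'] + 1;
                  echo "<tr><td width='32px' align='center'>$icon</td>
<td width='450px' height='40px'><a name='edit_forum' title='Click to edit' href='forums.php?forum_edit=$child_id'><b>$forum</b></a>  " . $topics . "" . $posts . "
<br/>$desc</td>
<td width = '100'>
<a name='edit_forum' title='Click to edit' href='forums.php?forum_edit=$child_id'><img align='absmiddle' border=0 src='./style/default/edit.gif'></a>
 <a title='Delete forum. All posts and topics will be deleted!' href='javascript:confirmDelete(\"forums.php?forum_delete=$child_id\")'><img align='absmiddle' border=0 src='./style/default/delete.gif'></a></td>
<td> <a href='forums.php?sort=$sortup&f=$child_id'><img title='Move up' src='./style/default/arrow_up.png' border=0 align='absmiddle'></a> | <a href='forums.php?sort=$sortdown&f=$child_id'><img title='Move down' src='./style/default/arrow_down.png' border=0 align='absmiddle'></a></td></tr>
";
              }
          }
          echo "</table>";
      } else {
          if (!$is_post && !$has_delete) {
              // Edit form for one category.
              $row = false;
              if ($edit_id !== false && $edit_id > 0) {
                  $result = $db->query("SELECT * FROM " . $table_prefix . "categories WHERE cat_id = " . $edit_id . " LIMIT 1");
                  if ($result) {
                      $row = mysql_fetch_assoc($result);
                  }
              }

              if (!$row) {
                  echo "<div align='center'><br>Forum not found.<br/><br/><a href='forums.php'>Back to edit forums</a></div><br/>";
              } else {
                  // Stored values are escaped for the attribute and textarea
                  // contexts so quotes or tags in them cannot break the form.
                  $name_attr = htmlspecialchars($row['cat_name'], ENT_QUOTES);
                  $desc_text = htmlspecialchars($row['cat_description'], ENT_QUOTES);
                  $icon_attr = htmlspecialchars($row['cat_icon'], ENT_QUOTES);

                  echo '<div align="center"><table style="width:500px;" border=1><tr><td align="left"><form method="post" action="">
<br><b>Forum name: </b><br><input value="' . $name_attr . '" maxlength="50" size="40" type="text" name="forum_name" /><br><br></td></tr>
<tr><td><b>Description:</b><br><textarea name="cat_description" style="width:450px;height:100px;">' . $desc_text . '</textarea><br /><br /></td></tr>

<tr><td>
<b>Permission:</b><br> <select name = "forum_permission">';
                  // Values at or below 1 (including NULL) preselect option 1.
                  $permission = (int) $row['cat_permission'];
                  if ($permission < 1) {
                      $permission = 1;
                  }
                  $permission_labels = array(
                      1 => 'All can read this forum',
                      2 => 'Only registered users',
                      3 => 'Only moderators',
                      4 => 'Locked Forum',
                  );
                  foreach ($permission_labels as $value => $label) {
                      $selected = ($permission == $value) ? "selected" : "";
                      echo '<option ' . $selected . ' value = "' . $value . '">' . $label . '</option>';
                  }
                  echo '
</select><br /><br /></td></tr><tr><td>
<br/><b>Forum icon:</b><br/><input type="text" name="forum_icon" value="' . $icon_attr . '"/>
<img align="absmiddle" src="../style/default/img/' . $icon_attr . '">
<br /><br /></td></tr><tr><td align="center">

<input class="menuButtons" type="submit" value="Edit forum" />
</form></td></tr></table></div><br /><br />
';
              }
          }
      }

      // Save the edit form. Runs on POST when no (non-empty) forum_delete
      // parameter accompanies the request.
      if ($is_post && (!$has_delete || $_GET['forum_delete'] === "")) {
          if ($edit_id === false || $edit_id <= 0) {
              echo "<div align='center'><br>Invalid forum id.<br/><br/><a href='forums.php'>Back to edit forums</a></div><br/>";
          } else {
              // Non-string (array) submissions are treated as empty.
              $forum_name = (isset($_POST['forum_name']) && is_string($_POST['forum_name'])) ? $_POST['forum_name'] : '';
              $forum_desc = (isset($_POST['cat_description']) && is_string($_POST['cat_description'])) ? $_POST['cat_description'] : '';
              $forum_icon = (isset($_POST['forum_icon']) && is_string($_POST['forum_icon'])) ? $_POST['forum_icon'] : '';

              // Only the four values offered by the form are accepted.
              $forum_permission = filter_var(
                  isset($_POST['forum_permission']) ? $_POST['forum_permission'] : null,
                  FILTER_VALIDATE_INT,
                  array('options' => array('min_range' => 1, 'max_range' => 4))
              );
              if ($forum_permission === false) {
                  $forum_permission = 1;
              }

              // Text fields are escaped for the quoted SQL string positions.
              // NOTE(review): if magic_quotes_gpc is enabled on the target
              // PHP and nothing strips the slashes earlier, these values
              // would be escaped twice -- confirm against header.php.
              $result = $db->query("UPDATE " . $table_prefix . "categories SET
cat_name='" . mysql_real_escape_string($forum_name) . "',
cat_description='" . mysql_real_escape_string($forum_desc) . "',
cat_permission = " . $forum_permission . ",
cat_icon = '" . mysql_real_escape_string($forum_icon) . "' WHERE cat_id = " . $edit_id . "
 ");
              if ($result) {
                  echo "<div align='center'><br>Forum successfully updated.<br/><br/><a href='forums.php'>Back to edit forums</a></div><br/>";
              }
          }
      }

      // Delete a category together with its posts and topics.
      if (!$is_post && $has_delete) {
          if ($delete_id === false || $delete_id <= 0) {
              echo "<div align='center'>Invalid forum id.<br/><br/><a href='forums.php'>Back to previous page</a></div>";
          } else {
              // NOTE(review): die(mysql_error()) prints the raw database
              // error to the page; kept as in the original.
              $result = $db->query("DELETE FROM " . $table_prefix . "posts WHERE post_cat = " . $delete_id) or die(mysql_error());
              echo "<div align='center'>";
              if ($result) {
                  echo "All posts in this forum successfully deleted!<br/>";
              }

              $result2 = $db->query("DELETE FROM " . $table_prefix . "topics WHERE topic_cat = " . $delete_id) or die(mysql_error());

              if ($result2) {
                  echo "All topics in this forum successfully deleted!<br/>";
              }

              $result3 = $db->query("DELETE FROM " . $table_prefix . "categories WHERE cat_id = " . $delete_id) or die(mysql_error());
              if ($result3) {
                  echo "Forum/Category successfully deleted!<br/>";
              }
              echo "<br/><br/><a href='admin_synch_posts.php'>Synchronize user posts (recommended)</a>
<br/><br/><a href='forums.php'>Back to previous page</a></div>";

              // The file name is built from the validated integer only, so
              // the path always stays inside ../cache/.
              $cache_file = "../cache/forum" . $delete_id . ".php";
              if (file_exists($cache_file)) {
                  unlink($cache_file);
              }
          }
      }
  }
  // Get all the page's HTML into a string
  $pageContents = ob_get_contents();
  // Wipe the buffer
  ob_end_clean();
  // Fill the title placeholder (assumed to be emitted by header.php) and send the page.
  echo str_replace('<!--TITLE-->', $pageTitle, $pageContents);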
?>